Agenda

A key activity for addressing cybersecurity requires the establishment of watch, warning and incident response capabilities, such as Computer Incident Response Team (CIRTs) to prepare for, detect, manage, and respond to cyber incidents. Effective incident management requires consideration of funding, human resources, training, technological capability, government and private sector collaboration, and legal requirements. Collaboration at all levels of government and with the private sector, academia, regional and international organizations, is necessary to raise awareness of potential attacks and steps toward remediation.

One of the primary objectives of CIRTs is to analyze the state of internet security and convey this information to the people responsible in businesses, government agencies, academic institutions and other concerned parties in the internet community. They serve as main collecting point for information and incident reports with regards to cyber attacks and security flaws and the general state of security. Organizations need to be able to fully trust them with sensitive information about security compromises and network vulnerabilities, and keep their identities and other sensitive information confidential.

When they receive an incident report, they analyze the potential vulnerability and work with technology manufacturers to inform them of security deficiencies in their products and to facilitate and track their response to these problems, among other things. As information and network security is a highly complex issue, it requires not only close cooperation between the different stakeholder, but also incident analysis, alarms, warnings and the sharing of this critical information among the stakeholders.

This session discusses best practices, organizational structures and related standards in the technical, organizational and financial aspects of establishing national, regional and international watch, warning, and incident response capabilities.

Speakers list as follows:

1) Sami Al Basheer Al Moshid, Director, BDT, ITU (Chair)

2) Marco Obiso (BDT)

3) Koji Nakao (ITU-T Study Group G 17 Vice-Chairman, Japan)

4) Mohammad Shihab (IMPACT)

5) Dr. Sherif Hashem (Egypt)

6) Belhassen Zouari (Tunisia)

7) Dr. Sherif Elkassas (American University in Cairo and SecureMisr)

8) Ünal TATAR (UEKAE, Turkey)

Session 2:

Do we need an International Cooperation on Cybersecurity?

Background

Peace and security in cyberspace must be our goal for the 2010s. Today, we are already facing urgent, growing global problems of malicious use of the Internet, and massive and coordinated cyber attacks against critical information infrastructure of countries across the world. Malicious attacks in cyberspace are categories of cybercrime and a criminal misuse of information technology that are designed or intended to destroy or seriously disrupt critical information infrastructures. Such a global problem calls for global solutions for effective coordination and cooperation. Such a global framework could be in several formats including protocols, treaties, or conventions. The key here is to have an agreement in which all stakeholders are represented.

Existing international frameworks, even if they constitute good starting points, might not be sufficient, because of their being based on criminal cyber conducts of the late 1990s, or reflecting regional approaches. Considering exponentially rapid progress in Information Technology and the resulting emergence of unforeseen cyber-threats, new methods of conducts in cyberspace with criminal intent must be covered by criminal law, such as phishing, botnets, spam, identity theft, crime in virtual worlds, massive and coordinated cyber attacks against the critical information infrastructures.

It is therefore necessary to have an improved international/global framework considering the increasingly sophisticated and globally coordinated nature of cyber-attacks.

The speakers in this session are among the leading global experts on cybercrime, and most speakers were members of the global High Level Experts Group (HLEG) meetings in 2007-2008. Judge Schjolberg was the Chairman of this Group. The workshop aims at seeking views from a variety of the stakeholders’ groups, so that geographical diversity as well as different legal cultures are taken in consideration.